Lucene search
+L

6 matches found

Cvelist
Cvelist
added 2026/06/26 8:19 p.m.40 views

CVE-2026-52885 Notepad++ TOCTOU: HMAC Checks Disk, Executes from Memory

Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires Time-of-Check. However, the command payload is taken from the in-memory userCommands vector, which is populated at application...

7.5CVSS0.00129EPSS
Exploits2References2
CVE
CVE
added 2026/06/26 8:19 p.m.50 views

CVE-2026-52885

Notepad++ Notepad++ v8.9.6.4 fixes a TOCTOU vulnerability (CVE-2026-52885) where the on-disk HMAC of shortcuts.xml is checked at trigger time while the command payload is loaded into memory at startup and never synchronized. An attacker with write access to shortcuts.xml can plant a malicious fil...

7.5CVSS6AI score0.00129EPSS
Exploits2References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/18 5:14 a.m.10 views

CVE-2026-32606 IncusOS has a LUKS encryption bypass due to insufficient TPM policy

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

7.6CVSS5.8AI score0.0014EPSS
Exploits0References5
OSV
OSV
added 2026/02/04 9:38 p.m.3 views

GHSA-WC42-FCJP-V8VQ EVE Doesn't Protect Config Partition with Measured Boot

Impact Config partition measurement was moved from PCR 13 to PCR 14 in a commit, but PCR 14 was not added to the list of PCRs that seal/unseal the vault key. As a result, an attacker can remove the disk, use another server to modify the files in the config partition, and then re-insert the disk...

5.9CVSS5.4AI score0.00159EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2005/02/18 5:20 p.m.14 views

security flaw

The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released...

5CVSS5.7AI score0.02218EPSS
Exploits0References4
NVD
NVD
added 2005/02/15 5:0 a.m.26 views

CVE-2005-0176

The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released...

5CVSS5.9AI score0.02218EPSS
Exploits0References9
Rows per page
Query Builder